r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12213
Expires: Wed, 18 Jan 2023 19:35:42 GMT
Date: Wed, 18 Jan 2023 16:12:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4397
Expires: Wed, 18 Jan 2023 17:25:26 GMT
Date: Wed, 18 Jan 2023 16:12:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 15:49:20 GMT
content-type: application/json
age: 1369
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4196
Expires: Wed, 18 Jan 2023 17:22:05 GMT
Date: Wed, 18 Jan 2023 16:12:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RvKY/yNN16gjFMQ7HWcfUDHmDmXkwX4v9dizohPyXtHyKwzPoXMo71DCxdUYh3TJSWY5UUZyerk=
x-amz-request-id: MJH3F5D7K389FXMM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 15:45:28 GMT
age: 1601
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
234854.net/
38.53.126.223301 Moved Permanently 0 B IP 38.53.126.223:0
ASN #398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 234854.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 18 Jan 2023 16:12:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.234854.net/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 15:17:25 GMT
age: 3284
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5857
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 16:12:09 GMT
Last-Modified: Wed, 18 Jan 2023 14:34:32 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.234854.net/index.php
38.53.126.223200 OK 541 B IP 38.53.126.223:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (629), with CRLF line terminators
Hash dbc66df5724a1a5de1979091453c53a9
0a1f2a65df83a7684a7aed2b1cd345e215d250d8
ef0a5ada16a883d637e13c86267217ec0bfda203caae330d849fd9d8bbde02b7
GET /index.php HTTP/1.1
Host: www.234854.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 16:12:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.10.36.158101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.36.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y4HjQShj3ZnvRwMw3JOrJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KqlaG25MbrVVX3W0qNfSCPPNgLQ=
www.234854.net/common.js
38.53.126.223200 OK 676 B IP 38.53.126.223:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document, ASCII text, with very long lines (1293), with no line terminators
Hash f9f32de8cf433e2006db8e87cca2bfbd
816b8e176a34a403ec76a01a8f7b8c4d4b25b8ca
692ee11acd3f9f4269c339a6b5124caa9b6eb2938a9e54c160d081fbc0a357e2
GET /common.js HTTP/1.1
Host: www.234854.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234854.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 16:12:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.234854.net/tj.js
38.53.126.223200 OK 258 B IP 38.53.126.223:0
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash 7619c4a72aa58654d17f3c48405f25fc
4751be3654c3c1580502179087900f76990a7968
6c50475456625e57e63f4cd86988bb097e5fa35582da6ebf5d32a3f0b328e3ba
GET /tj.js HTTP/1.1
Host: www.234854.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234854.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 16:12:28 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.234854.net/favicon.ico
38.53.126.223200 OK 1.2 kB URL HTTP/1.1 www.234854.net/favicon.ico
IP 38.53.126.223:0
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.234854.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234854.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 16:12:28 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 23 Jan 2023 16:12:28 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 13a46f257938c5f4e03f6dcff515c02c
ab3af9d166be05bc3553aaea9a8551f36d70af61
c9127b97fa126541e1fbf585347e2c885c49586b814852efe937cc678afa67f3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 22 Jan 2023 13:36:40 GMT
ETag: "ab3af9d166be05bc3553aaea9a8551f36d70af61"
Last-Modified: Wed, 18 Jan 2023 13:36:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1098
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b89c57ed01b4ee-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 99fdccb28d814f0bcd69a3d6f630d23f
a11acc57d580491038b862a190a03f30dbbd5ff0
3c25b6454e796ff66a22feaa8c795613e222fcb0cb2cf8f9dc70ce9c81f4c1b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C25B6454E796FF66A22FEAA8C795613E222FCB0CB2CF8F9DC70CE9C81F4C1B0"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Wed, 18 Jan 2023 22:12:01 GMT
Date: Wed, 18 Jan 2023 16:12:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16129
Expires: Wed, 18 Jan 2023 20:41:00 GMT
Date: Wed, 18 Jan 2023 16:12:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16129
Expires: Wed, 18 Jan 2023 20:41:00 GMT
Date: Wed, 18 Jan 2023 16:12:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16129
Expires: Wed, 18 Jan 2023 20:41:00 GMT
Date: Wed, 18 Jan 2023 16:12:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d134f7ac9a5ca8ab7a9461bd20706bb7
aa47af3e7517390d10e89f0f18237cfdcc63cbed
3431c8027f09bb284fe48ef8e4458fd43d8cc961250601b3028b83a7ba19f6ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13111
x-amzn-requestid: 7a9bb405-c68d-496f-b608-e9d295c44c50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0MStGBBIAMFXag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4c0dd-75d87c0d763744951f13febd;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:13:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkIL919Q7OFO6bACXTrDan0f9D9rgrN0DJMQv1DYPLeWqT1CywCAEg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:29:16 GMT
age: 45775
etag: "aa47af3e7517390d10e89f0f18237cfdcc63cbed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:21:58 GMT
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
age: 64213
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9200e43ca808b9ecec74828e03853d4c
3070340147ced46e5fdf73408272aa39391976fb
abdaedfc2da45180c463607686b20afd82113b78cfa78b0f28ab169b9858469b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6454
x-amzn-requestid: 79329eb3-8d89-423f-8626-32c5e2e2831a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gHpeoAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-5e859dc121cd322c6b684eee;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwgL1L8gf7dxKO3A9rfi25VzKbT77kkpJzF8gv1niNJ-p5rL6FYPrw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:45:08 GMT
age: 66423
etag: "3070340147ced46e5fdf73408272aa39391976fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec6c49f056e786896d54fe22c242391
cc6b64ff3f09853843b62e555456a1ad9f0909fb
42f0571efba18630c8deee17e98c6939a7050b04f613ad10515caf503e496b4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5663
x-amzn-requestid: 9a1c75a4-1c8d-4bd2-b6ca-7fccb8b43c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gF5goAMFveA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-1d274e8074771db651e80979;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sAxuQECVKx0dfc2UM_E_70nKN8za1SBN4opMWr_74gT5ScurgZGVLw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:10:07 GMT
age: 64924
etag: "cc6b64ff3f09853843b62e555456a1ad9f0909fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:10:03 GMT
age: 64928
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xwxzja4wdr7AfJC7BU10NpD4zbhg8MLdQ35gmo9LP75IFy9WDaDInw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:53:53 GMT
age: 65898
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3d49f6cedfe62c75d23633f387e12059
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3d49f6cedfe62c75d23633f387e12059
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 4624dfcf69a925db1ad623f04b9e2eaf
fc681bac1f176198a31bcb38a34883dafe4a935c
9b29f9fd97c8d2324ac989081455b819a1e5d349a9e73eb5e2375fd7ed275c75
GET /hm.js?3d49f6cedfe62c75d23633f387e12059 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.234854.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 18 Jan 2023 16:12:11 GMT
Etag: 796569a6f40ea624480faa269c515164
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=40BE668F878F45A6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16873
Expires: Wed, 18 Jan 2023 20:53:24 GMT
Date: Wed, 18 Jan 2023 16:12:11 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 71231fb141b2ceded00f1a6761ab8c68
98b4a547058fdaf3db22366c3aac62bbc55d07c4
fa2c640c32e68f7202da05d1c82c58af1bd5f8b3685946a1ef96e65e8861ecf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA2C640C32E68F7202DA05D1C82C58AF1BD5F8B3685946A1EF96E65E8861ECF4"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16263
Expires: Wed, 18 Jan 2023 20:43:15 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16919
Expires: Wed, 18 Jan 2023 20:54:11 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 71231fb141b2ceded00f1a6761ab8c68
98b4a547058fdaf3db22366c3aac62bbc55d07c4
fa2c640c32e68f7202da05d1c82c58af1bd5f8b3685946a1ef96e65e8861ecf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA2C640C32E68F7202DA05D1C82C58AF1BD5F8B3685946A1EF96E65E8861ECF4"
Last-Modified: Mon, 16 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16215
Expires: Wed, 18 Jan 2023 20:42:27 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16943
Expires: Wed, 18 Jan 2023 20:54:35 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
2k.qfbj2.com/template/web/app1.js
23.224.221.53200 OK 962 B URL HTTP/2 2k.qfbj2.com/template/web/app1.js
IP 23.224.221.53:0
File type HTML document, Unicode text, UTF-8 text
Hash 6236c600cc7f87298258e97bbc42c3ea
716ec29cccef5d6074e792fde8ebd4aebaada8c2
87369450cbd8e0d9679d79dd2228305a31077f6f761afb83dc954321fcd56174
GET /template/web/app1.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
content-length: 962
last-modified: Mon, 16 Jan 2023 08:07:03 GMT
etag: "63c505a7-3c2"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/
23.224.221.53200 OK 10 kB IP 23.224.221.53:0
Hash 7045d9651d9c2519bb4fe93ef245ce75
6e67291ea1c7ff3527cf893f1bcc3c59f2773f9b
a68b27c270b1cc822ee5aa178005ae1c6fa4a7c6d53d4ae26ce9738392344428
GET / HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.234854.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/app3.js
23.224.221.53200 OK 992 B URL HTTP/2 2k.qfbj2.com/template/web/app3.js
IP 23.224.221.53:0
File type HTML document, Unicode text, UTF-8 text
Hash 5f34f24040e3efbd9e04615116564fcf
9ff761603b2080d640ab53ef617b15854391eeae
d570e0f076180a19430c56117b57195a8dfd75161753699ce22e4c5c46d7787b
GET /template/web/app3.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
content-length: 992
last-modified: Mon, 16 Jan 2023 11:28:38 GMT
etag: "63c534e6-3e0"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 24f6370a829102914f25f42f5aa5db9a
0981b741a6a82bfb1cdd3a65bb85af19e6e71aee
400bcd987ab7a1513d10b6604a47db0438d024069d2c8cc93db45f43acb8f5c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "400BCD987AB7A1513D10B6604A47DB0438D024069D2C8CC93DB45F43ACB8F5C6"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17156
Expires: Wed, 18 Jan 2023 20:58:08 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 24f6370a829102914f25f42f5aa5db9a
0981b741a6a82bfb1cdd3a65bb85af19e6e71aee
400bcd987ab7a1513d10b6604a47db0438d024069d2c8cc93db45f43acb8f5c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "400BCD987AB7A1513D10B6604A47DB0438D024069D2C8CC93DB45F43ACB8F5C6"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18765
Expires: Wed, 18 Jan 2023 21:24:57 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 24f6370a829102914f25f42f5aa5db9a
0981b741a6a82bfb1cdd3a65bb85af19e6e71aee
400bcd987ab7a1513d10b6604a47db0438d024069d2c8cc93db45f43acb8f5c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "400BCD987AB7A1513D10B6604A47DB0438D024069D2C8CC93DB45F43ACB8F5C6"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17127
Expires: Wed, 18 Jan 2023 20:57:39 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 24f6370a829102914f25f42f5aa5db9a
0981b741a6a82bfb1cdd3a65bb85af19e6e71aee
400bcd987ab7a1513d10b6604a47db0438d024069d2c8cc93db45f43acb8f5c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "400BCD987AB7A1513D10B6604A47DB0438D024069D2C8CC93DB45F43ACB8F5C6"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18759
Expires: Wed, 18 Jan 2023 21:24:51 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 24f6370a829102914f25f42f5aa5db9a
0981b741a6a82bfb1cdd3a65bb85af19e6e71aee
400bcd987ab7a1513d10b6604a47db0438d024069d2c8cc93db45f43acb8f5c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "400BCD987AB7A1513D10B6604A47DB0438D024069D2C8CC93DB45F43ACB8F5C6"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17128
Expires: Wed, 18 Jan 2023 20:57:40 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=83141761&si=3d49f6cedfe62c75d23633f387e12059&v=1.3.0&lv=1&sn=32292&r=0&ww=1152&u=http%3A%2F%2Fwww.234854.net%2Findex.php&tt=%E6%BC%AF%E6%B2%B3%E7%A2%8C%E7%B1%BD%E6%96%87%E5%8C%96%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=83141761&si=3d49f6cedfe62c75d23633f387e12059&v=1.3.0&lv=1&sn=32292&r=0&ww=1152&u=http%3A%2F%2Fwww.234854.net%2Findex.php&tt=%E6%BC%AF%E6%B2%B3%E7%A2%8C%E7%B1%BD%E6%96%87%E5%8C%96%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=83141761&si=3d49f6cedfe62c75d23633f387e12059&v=1.3.0&lv=1&sn=32292&r=0&ww=1152&u=http%3A%2F%2Fwww.234854.net%2Findex.php&tt=%E6%BC%AF%E6%B2%B3%E7%A2%8C%E7%B1%BD%E6%96%87%E5%8C%96%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.234854.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 18 Jan 2023 16:12:12 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=696691E0E5270E78; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
lbfm.lbpictupian.com/upload/vod/2023/01/x2wjeuwp1hk.jpg
104.22.12.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/x2wjeuwp1hk.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash beaccbbf2d7a215adb3fe842f585ead3
2325b35983acb8c65d7d02ad9baf1beca3bd108e
0139538a3f8da5472335436b341b517ddbb9e60295b83cbc1478413d026ce53c
GET /upload/vod/2023/01/x2wjeuwp1hk.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 8010
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9261
content-disposition: inline; filename="x2wjeuwp1hk.webp"
etag: "63c50f56-242d"
last-modified: Mon, 16 Jan 2023 08:48:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f0e120b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-01/12/etmmomdbe201203etmmomdbe203033288.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-01/12/etmmomdbe201203etmmomdbe203033288.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b90c5825cbea82ae0bd34aa3de5c0cfc
d61cef2a8a27bfa864477a770fc8108d58bcd426
16f9ab43408473cbed9e0b7644a4497410460b3218654fb84d92a4988eadd851
GET /upload/vod/2020/05-01/12/etmmomdbe201203etmmomdbe203033288.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 9954
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11229
content-disposition: inline; filename="etmmomdbe201203etmmomdbe203033288.webp"
etag: "5eab9f92-2bdd"
last-modified: Fri, 01 May 2020 04:03:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e1b0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/wcl1hdgqi2a.jpg
104.22.12.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/wcl1hdgqi2a.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4fa0fa5e5a4d57a6356f49031e757cce
7e9c4554f94c21a8d0cd90a03fd5b00addd600e4
81a09f2e40ed1c5c0996b6a06bdefdec4717f09366f3a12de802b4944be88770
GET /upload/vod/2023/01/wcl1hdgqi2a.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 6890
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8258
content-disposition: inline; filename="wcl1hdgqi2a.webp"
etag: "63c50f68-2042"
last-modified: Mon, 16 Jan 2023 08:48:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e170b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/k5pi34oxw4u1346k5pi34oxw4u023779.jpg
104.22.12.214200 OK 7.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/k5pi34oxw4u1346k5pi34oxw4u023779.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 771d6cb436f93838dc84ca7c5d69bd3e
6b0807ee9015f4c05cfb549993c46a80b6c38376
68f17f2d10f93ba727043d7bb289416caa8f7b932d154ed2bad95a653ed28b97
GET /upload/vod/2022/09-12/13/k5pi34oxw4u1346k5pi34oxw4u023779.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 7268
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9797
content-disposition: inline; filename="k5pi34oxw4u1346k5pi34oxw4u023779.webp"
etag: "631ec79a-2645"
last-modified: Mon, 12 Sep 2022 05:46:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e230b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-01/12/wkokasphcee1203wkokasphcee3233294.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-01/12/wkokasphcee1203wkokasphcee3233294.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c334f1938001be7673b8f64814899a96
886fad968ca8b0a4047c276a069e817fa99cb326
5c6ed2be10b877ddd5b0832a8267f1afdb0250c076c1dd4511690999c4c5adf1
GET /upload/vod/2020/05-01/12/wkokasphcee1203wkokasphcee3233294.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/jpeg
content-length: 10400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10825, status=webp_bigger
etag: "5eab9f94-2a49"
last-modified: Fri, 01 May 2020 04:03:32 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b89c5f1e1d0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/coidwz5mdjp1346coidwz5mdjp063789.jpg
104.22.12.214200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/coidwz5mdjp1346coidwz5mdjp063789.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3891efc3e3abd4fe90cb564284cf24e7
c630cf4ec84b51bb77e7f94fff79119789110ba1
9bde21b4f56934ffb6e5be9b48ac3119b4c3b016ae77e3dce78841d01ba30209
GET /upload/vod/2022/09-12/13/coidwz5mdjp1346coidwz5mdjp063789.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 7866
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8651
content-disposition: inline; filename="coidwz5mdjp1346coidwz5mdjp063789.webp"
etag: "631ec79e-21cb"
last-modified: Mon, 12 Sep 2022 05:46:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e290b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/sxva1nf2ox11346sxva1nf2ox1073791.jpg
104.22.12.214200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/sxva1nf2ox11346sxva1nf2ox1073791.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9a6973976844cfcc7174af579488c41f
6cd355a435e6f9f9785d82c2a930244193bebdb5
f9ef0b8b2856119b26e88f6ee712eadf869c11ffb1ac74c82a0897792b80bda0
GET /upload/vod/2022/09-12/13/sxva1nf2ox11346sxva1nf2ox1073791.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 9370
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10232
content-disposition: inline; filename="sxva1nf2ox11346sxva1nf2ox1073791.webp"
etag: "631ec79f-27f8"
last-modified: Mon, 12 Sep 2022 05:46:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e2d0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/unj45l3s0wr.jpg
104.22.12.214200 OK 9.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/unj45l3s0wr.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5355d0d625eabd3687e6c36259d730db
ed0dae1ff7fd90ae178c22930d982b730f42eb2b
84a9ab20b3994c313f4c187c5418f9baf5de91a63ecb3040ba2d5b0fb15dc860
GET /upload/vod/2023/01/unj45l3s0wr.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 9296
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10299
content-disposition: inline; filename="unj45l3s0wr.webp"
etag: "63c50f3d-283b"
last-modified: Mon, 16 Jan 2023 08:47:57 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e300b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/o42gnnpzcid1346o42gnnpzcid053785.jpg
104.22.12.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/o42gnnpzcid1346o42gnnpzcid053785.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c7c90fee6a9219fc47508f1bbfba0035
98e4bfae8171e21bccc110f3a7726b7f3cc43238
afb12bca9101c63b472876ea5b869b0d7417b5be201d20f97636ce01f66965c7
GET /upload/vod/2022/09-12/13/o42gnnpzcid1346o42gnnpzcid053785.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 7954
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8785
content-disposition: inline; filename="o42gnnpzcid1346o42gnnpzcid053785.webp"
etag: "631ec79d-2251"
last-modified: Mon, 12 Sep 2022 05:46:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e270b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/fju5keb0nyl.jpg
104.22.12.214200 OK 5.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/fju5keb0nyl.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0ed9059b717e30bf8dfeaa1afdf2a9cd
daa8bc33893e0aa3d3df0d794bc8053d30bd1941
4ff1884ed29eaf7a7eef10544e055e9923cc874a7e4087b8189b5b4efa323ddb
GET /upload/vod/2023/01/fju5keb0nyl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 5436
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6439
content-disposition: inline; filename="fju5keb0nyl.webp"
etag: "63c50f5b-1927"
last-modified: Mon, 16 Jan 2023 08:48:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f0e130b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-01/12/uwjscqnsofo1203uwjscqnsofo3133290.jpg
104.22.12.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-01/12/uwjscqnsofo1203uwjscqnsofo3133290.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10c99689612548bf10f21f3fa383ed32
a5c3213504c7c1422e707773d6786086d5ea83ec
8a3a49b2e8a0064e45a4cbbc4e13deffe9afa597b011a6ed57318f342a8ebfe7
GET /upload/vod/2020/05-01/12/uwjscqnsofo1203uwjscqnsofo3133290.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 11456
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12829
content-disposition: inline; filename="uwjscqnsofo1203uwjscqnsofo3133290.webp"
etag: "5eab9f93-321d"
last-modified: Fri, 01 May 2020 04:03:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e1c0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/1hrfp3uy0vo13451hrfp3uy0vo583773.jpg
104.22.12.214200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/1hrfp3uy0vo13451hrfp3uy0vo583773.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 574158bf62ae7b9642262a017723ec5b
efc4f8d853df4ca62a8dd3405e95bc05ee2e96f9
cf067759accd9869f9dcc12a29b016ffa389217551ac5c31e8772801becbd083
GET /upload/vod/2022/09-12/13/1hrfp3uy0vo13451hrfp3uy0vo583773.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 7244
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8601
content-disposition: inline; filename="1hrfp3uy0vo13451hrfp3uy0vo583773.webp"
etag: "631ec796-2199"
last-modified: Mon, 12 Sep 2022 05:45:58 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e200b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/t4p5jnss0n0.jpg
104.22.12.214200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/t4p5jnss0n0.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 044ef56fc99b753208602e2ce01153a3
359a1bb8aab3d9a5b20bb489c72679d9b23830c7
869302122179bda638f5b66895e389829ee06a82624572f4f3055e69917ea630
GET /upload/vod/2023/01/t4p5jnss0n0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 9470
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10169
content-disposition: inline; filename="t4p5jnss0n0.webp"
etag: "63c50f4c-27b9"
last-modified: Mon, 16 Jan 2023 08:48:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f2e4a0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/qfa4gpe4swp.jpg
104.22.12.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/qfa4gpe4swp.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e568b230977660d745d0fe4939b8b79b
de9327abebc01a685a93d45900b4f3ff6b05b8da
225ba041c1ad6274a78050735c02a98b390df0fc854ccd3f6dd99040c18a4728
GET /upload/vod/2023/01/qfa4gpe4swp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 11154
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11832
content-disposition: inline; filename="qfa4gpe4swp.webp"
etag: "63c50f63-2e38"
last-modified: Mon, 16 Jan 2023 08:48:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f0e160b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/d5cl5luy2fu1346d5cl5luy2fu053787.jpg
104.22.12.214200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/d5cl5luy2fu1346d5cl5luy2fu053787.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 094e99c049c582ec4f35794b73dd3308
841d7918965537f1fb1b6f69a55333549bf98b8f
38df7c06cd4c14b54f0fed1beaebf2d648c0e766e639a9637fbb415ed6c8b976
GET /upload/vod/2022/09-12/13/d5cl5luy2fu1346d5cl5luy2fu053787.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 5878
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8136
content-disposition: inline; filename="d5cl5luy2fu1346d5cl5luy2fu053787.webp"
etag: "631ec79e-1fc8"
last-modified: Mon, 12 Sep 2022 05:46:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e280b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/acnd2ieox1j.jpg
104.22.12.214200 OK 5.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/acnd2ieox1j.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc0b293082b3f510742c2b656e0c1373
fa80f64dc9c9a0ae9f5f796f9b5380f8f06a7c38
cf4a74fa801d478e25757f2b334178ebc39a37eabe46ad2e64649828e17ecf57
GET /upload/vod/2023/01/acnd2ieox1j.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 5354
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7492
content-disposition: inline; filename="acnd2ieox1j.webp"
etag: "63c50f47-1d44"
last-modified: Mon, 16 Jan 2023 08:48:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f4e680b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/jvzytdmwoo31345jvzytdmwoo3573771.jpg
104.22.12.214200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/jvzytdmwoo31345jvzytdmwoo3573771.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4b64ced2823e370514d53214de06ceb
19bc9737ae6a1b6d601150d4c091c762b91b2976
e3992ec298201c3cb265cade01e6c09ff60b6ec9c3b05850ab6ba8bdd9c5a5a7
GET /upload/vod/2022/09-12/13/jvzytdmwoo31345jvzytdmwoo3573771.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 6112
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7551
content-disposition: inline; filename="jvzytdmwoo31345jvzytdmwoo3573771.webp"
etag: "631ec796-1d7f"
last-modified: Mon, 12 Sep 2022 05:45:58 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e1e0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/maot2xi5znp.jpg
104.22.12.214200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/maot2xi5znp.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8ec9addb9f3b8ee5f81d801c78e703b
5da4196cd93f28faf4acc559771e91e13958ef4e
77e03424217a7c7275b53babc38d2d3fe9fc0bffb9ee35116e3827b7906bce65
GET /upload/vod/2023/01/maot2xi5znp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 5782
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7191
content-disposition: inline; filename="maot2xi5znp.webp"
etag: "63c50f42-1c17"
last-modified: Mon, 16 Jan 2023 08:48:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f0e100b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/co0tmcxt4ug1346co0tmcxt4ug003775.jpg
104.22.12.214200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/co0tmcxt4ug1346co0tmcxt4ug003775.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 019fc7fd9f6429b88bd5c8b01d41be25
62a3e30323bf9426775661ac19d5e8afeff705bb
c50b1f3aeca8225e7a3dc25d182f3c8ff7d6d071c21461225fff0813d7ad7c95
GET /upload/vod/2022/09-12/13/co0tmcxt4ug1346co0tmcxt4ug003775.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 8788
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9422
content-disposition: inline; filename="co0tmcxt4ug1346co0tmcxt4ug003775.webp"
etag: "631ec798-24ce"
last-modified: Mon, 12 Sep 2022 05:46:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e210b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/daymlgstvfe.jpg
104.22.12.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/daymlgstvfe.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f2ac666c457264449796c3818dab021
d7863e69882476faa6e28cb0d90c4ed70c0354e3
1d9fd1d6c4c4e84c0733a4d70b9171307b8613dfe7ef7f84bdf003c5d0c91338
GET /upload/vod/2023/01/daymlgstvfe.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 7452
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8468
content-disposition: inline; filename="daymlgstvfe.webp"
etag: "63c50f5f-2114"
last-modified: Mon, 16 Jan 2023 08:48:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f0e150b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-01/12/vzvcxdlttce1203vzvcxdlttce2933286.jpg
104.22.12.214200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-01/12/vzvcxdlttce1203vzvcxdlttce2933286.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50e23d01c040363b6ade84745108f66c
dabd762673a8e85fdc36739bc0c9692d76bbc7e9
18b9a7e99f8c70eaff97fcc93d36b4c31325ddf3a9966a76db649e8883dd3de7
GET /upload/vod/2020/05-01/12/vzvcxdlttce1203vzvcxdlttce2933286.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 8890
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10882
content-disposition: inline; filename="vzvcxdlttce1203vzvcxdlttce2933286.webp"
etag: "5eab9f91-2a82"
last-modified: Fri, 01 May 2020 04:03:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e1a0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/4yfuph1mg2f13464yfuph1mg2f013777.jpg
104.22.12.214200 OK 4.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/4yfuph1mg2f13464yfuph1mg2f013777.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e456b523862af6f6a0d4db032b05405
54734def972abbf7036aa32226a0cbef1cb3ab70
d7d3864912784aa11480d28d93a839a4d11649dae94323363abf301df93fb822
GET /upload/vod/2022/09-12/13/4yfuph1mg2f13464yfuph1mg2f013777.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 4812
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6941
content-disposition: inline; filename="4yfuph1mg2f13464yfuph1mg2f013777.webp"
etag: "631ec799-1b1d"
last-modified: Mon, 12 Sep 2022 05:46:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e220b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/z2ru1agmit0.jpg
104.22.12.214200 OK 4.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/z2ru1agmit0.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b5351e83155ce27d2b5343e93c15492b
09b363f83ea9fef7c4fd6202faf4906fe8a01b7e
232a8571173dd16ab75dff47c7e28fada93cc06d0ca87374fc35dfd25d3aa220
GET /upload/vod/2023/01/z2ru1agmit0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 4260
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6158
content-disposition: inline; filename="z2ru1agmit0.webp"
etag: "63c50f51-180e"
last-modified: Mon, 16 Jan 2023 08:48:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f5e7c0b31-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/5ao1c5mtj0t13465ao1c5mtj0t043783.jpg
104.22.12.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/5ao1c5mtj0t13465ao1c5mtj0t043783.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dadf27778174e1a50d3284e733ca3ac0
608b32e5e291b53aa2326dd5d076f73011196d54
5ace63ea34295134c42e0053f5dbde7c1f04a15c5396351a98f8dff7b6272909
GET /upload/vod/2022/09-12/13/5ao1c5mtj0t13465ao1c5mtj0t043783.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/webp
content-length: 7534
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9908
content-disposition: inline; filename="5ao1c5mtj0t13465ao1c5mtj0t043783.webp"
etag: "631ec79c-26b4"
last-modified: Mon, 12 Sep 2022 05:46:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e250b31-OSL
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/5115960-60.gif
23.224.221.53200 OK 313 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/5115960-60.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 313 kB (312864 bytes)
Hash e7593fc8dcb539808b00a5eebc62716a
f052b6589fd43358438fc4796ef0ab89c7d2bf38
2b7c34d61d22b1ff5c859b5fb207dd8626027ccef57d75543efd9490fae77b82
GET /template/web/GG/5115960-60.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 312864
last-modified: Tue, 10 Jan 2023 13:17:36 GMT
etag: "63bd6570-4c620"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
9030a.cc/1008-960x60.gif
154.85.10.21301 Moved Permanently 0 B IP 154.85.10.21:0
ASN #211392 Dream Cloud Innovation Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1008-960x60.gif HTTP/1.1
Host: 9030a.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: Keep-Alive
X-NoCache: this
Date: Thu, 19 Jan 2023 00:40:01 GMT
Location: https://9030a.cc/1008-960x60.gif
X-Via: 1.1 localhost.localdomain (random:85111 Fikker/Webcache/3.7.8)
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
104.110.17.24200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6719021
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Wed, 18 Jan 2023 16:12:12 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash d69a4f243acf79ead7fa6fdfb0d3c56d
898fd2dcde23c185dda81d0fbcaa43fc6b102a37
ce0751153c6092cf07777d150fd1895d905dadd75cfa2f97dd443cf967b447e0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 22 Jan 2023 13:12:54 GMT
ETag: "898fd2dcde23c185dda81d0fbcaa43fc6b102a37"
Last-Modified: Wed, 18 Jan 2023 13:12:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1583
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b89c649dcdb4ee-OSL
hm.baidu.com/hm.js?7a63494bcb7782c2d15cc8728f4c5059
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7a63494bcb7782c2d15cc8728f4c5059
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 0da43ee94486f5c9ee40972c7642f136
576e7779e998fb63fe07a33998b350ed361ad604
2894775e2b0ca2bec2139a4f54ec0a80a068e896b57ffe1646b513f79efdf2c3
GET /hm.js?7a63494bcb7782c2d15cc8728f4c5059 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 18 Jan 2023 16:12:12 GMT
Etag: 14c67bf521784ac76f3ee109fa07c20f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D75609349E48C085; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d9d478815f87fa3a14118608b1b0435b
c799cfe94d309f27e45c077bfe0147b428bd4ab7
eef91a6682902bbe4bbd1dcf47520d46a89130eef1ed45dee73cf2229e32a422
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEF91A6682902BBE4BBD1DCF47520D46A89130EEF1ED45DEE73CF2229E32A422"
Last-Modified: Wed, 18 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 18 Jan 2023 22:12:12 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d9d478815f87fa3a14118608b1b0435b
c799cfe94d309f27e45c077bfe0147b428bd4ab7
eef91a6682902bbe4bbd1dcf47520d46a89130eef1ed45dee73cf2229e32a422
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEF91A6682902BBE4BBD1DCF47520D46A89130EEF1ED45DEE73CF2229E32A422"
Last-Modified: Wed, 18 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Wed, 18 Jan 2023 22:11:40 GMT
Date: Wed, 18 Jan 2023 16:12:12 GMT
Connection: keep-alive
2k.qfbj2.com/template/web/GG/227.gif
23.224.221.53200 OK 477 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/227.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /template/web/GG/227.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 477289
last-modified: Fri, 14 Oct 2022 15:40:26 GMT
etag: "634982ea-74869"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/x.jpg
23.224.221.53200 OK 9.2 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/x.jpg
IP 23.224.221.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /template/web/GG/x.jpg HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Thu, 02 Jun 2022 15:47:42 GMT
etag: "6298db9e-23ce"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-12/13/hz55ooo5zn21346hz55ooo5zn2033781.jpg
104.22.12.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-12/13/hz55ooo5zn21346hz55ooo5zn2033781.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 80a02498aaa500a3fbf1a3f5054099fb
c2c1f21134c86ae4ab32434f5257e519986588e7
5ebb7a4efd5b6630266040ddf096eff011abd70e4a0cb4dde2ea956443e14013
GET /upload/vod/2022/09-12/13/hz55ooo5zn21346hz55ooo5zn2033781.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/webp
content-length: 8668
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9526
content-disposition: inline; filename="hz55ooo5zn21346hz55ooo5zn2033781.webp"
etag: "631ec79b-2536"
last-modified: Mon, 12 Sep 2022 05:46:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e240b31-OSL
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/dipiao.js
23.224.221.53200 OK 36 kB URL HTTP/2 2k.qfbj2.com/template/web/dipiao.js
IP 23.224.221.53:0
Hash 179c758682793ffbea4ed5afe0bed649
f2e8537b34facb998883d65d3defd35ba89f3c39
e50b72bbeff3942c941561a7a861287d5facec6a4d1652ba4ffe78971bdbf251
GET /template/web/dipiao.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 14:24:29 GMT
vary: Accept-Encoding
etag: W/"62810d1d-81a"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/d5.gif
23.224.221.53200 OK 100 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/d5.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 025124b1ea32550544628c7205331a35
6015322cd2faae4cc93266267838878350ac5c70
b1f29051a416097599fa35479620adab7e3f3b5dac8d18c19147eff65955db21
GET /template/web/GG/d5.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 99494
last-modified: Wed, 16 Mar 2022 16:12:20 GMT
etag: "62320c64-184a6"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/31.gif
23.224.221.53200 OK 108 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/31.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 96 x 96\012- data
Size 108 kB (108160 bytes)
Hash 8765a4504945e44a16e9fe1c643802bf
a830d6cad304c1007e82fc742cc7855fff8d6a7c
d4ce24af068e48c2339af354f585f37940cc318d83110e313056ebc0d4058b4b
GET /template/web/GG/31.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 108160
last-modified: Wed, 09 Mar 2022 10:15:26 GMT
etag: "62287e3e-1a680"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
23.224.221.53404 Not Found 146 B URL HTTP/2 2k.qfbj2.com/template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
IP 23.224.221.53:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2k.qfbj2.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/images/video-play.png
23.224.221.53200 OK 1.6 kB URL HTTP/2 2k.qfbj2.com/template/meizhuama/images/video-play.png
IP 23.224.221.53:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/meizhuama/images/video-play.png HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 06 Mar 2022 14:17:50 GMT
etag: "6224c28e-61f"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 9f84ffb3b84ffd3700284ee295426649
93597dad387f4be590da6418cf6755c2557b9671
36de65e307451a44e109f41d7224313c3351896cafd8437bae6129e63473dd9c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 22 Jan 2023 13:39:06 GMT
ETag: "93597dad387f4be590da6418cf6755c2557b9671"
Last-Modified: Wed, 18 Jan 2023 13:39:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1643
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b89c66fb49b518-OSL
2k.qfbj2.com/template/web/GG/k2.gif
23.224.221.53200 OK 32 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k2.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0dbd3863b60a1e8e0a507a6092e3acbd
81f0cfad3a7369aa95b1b507a5ce46149cd4e4fe
d3829461b69847e6df417e8eb4c4046ae45864fbb7d3646e7b1346a861bd893e
GET /template/web/GG/k2.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 32381
last-modified: Fri, 27 May 2022 05:30:54 GMT
etag: "6290620e-7e7d"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1504600&si=7a63494bcb7782c2d15cc8728f4c5059&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32293&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1504600&si=7a63494bcb7782c2d15cc8728f4c5059&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32293&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1504600&si=7a63494bcb7782c2d15cc8728f4c5059&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32293&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 18 Jan 2023 16:12:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=01DF8550D1425FF7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
2k.qfbj2.com/template/web/xx1.js
23.224.221.53200 OK 115 kB URL HTTP/2 2k.qfbj2.com/template/web/xx1.js
IP 23.224.221.53:0
Size 115 kB (115369 bytes)
Hash e361630b651b6414040ef474e834c89c
28e8687104ae2120019e0451c3aaaaab271bbbe2
c5534b3bdb924c54333de3ce6d2088abcfdeb1e2822fdc1e6009e46aa6665979
GET /template/web/xx1.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 14:32:12 GMT
vary: Accept-Encoding
etag: W/"63c6b16c-1208"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/zyxf.js
23.224.221.53200 OK 120 kB URL HTTP/2 2k.qfbj2.com/template/web/zyxf.js
IP 23.224.221.53:0
Size 120 kB (120208 bytes)
Hash ee3bf30dc33da64bb96ac6e1ee96a558
a99c133e6cdb0088bf489cddeca186f48c03cf5b
6bd5a7c3518dda42cd9b2ef03a82acf3f2cf569f860113ae254222f3e25e0861
GET /template/web/zyxf.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 10:02:52 GMT
vary: Accept-Encoding
etag: W/"63c7c3cc-1ab0"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/js/jquery.min.js
23.224.221.53200 OK 107 kB URL HTTP/2 2k.qfbj2.com/template/meizhuama/js/jquery.min.js
IP 23.224.221.53:0
Size 107 kB (107329 bytes)
Hash 0561998ac290b1d43bac18a470152838
a24c95c5b3f37bc61fc17d725272c6f2c3aca489
856ae529c832cd4f21897c689573e66d91cde50dd92e8106682b0a5123b0347d
GET /template/meizhuama/js/jquery.min.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 14:33:00 GMT
vary: Accept-Encoding
etag: W/"638a0c9c-1538f"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8975fc2bb5883850de7050766fdfc112
be8610fec1b292093f731f6ae9eaed504c6403ba
3ebe2bb277c20a9e399fdfcda1ddd346a69421489ceaa59b2453ec8505cf02e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 21:14:29 GMT
Expires: Sun, 22 Jan 2023 21:14:28 GMT
Etag: "be8610fec1b292093f731f6ae9eaed504c6403ba"
Cache-Control: max-age=363134,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b89c679b0fb523-OSL
2k.qfbj2.com/template/web/GG/k6.gif
23.224.221.53200 OK 53 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k6.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 74d864001115d3b123c552156accfbef
11ae3aef174b8fab213faa40b1b985f77dada46f
9001f1548a09cf89715469dc8d009f7aebb1a459d261c73a2f35d252bf88b4c8
GET /template/web/GG/k6.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 53324
last-modified: Fri, 27 May 2022 05:30:58 GMT
etag: "62906212-d04c"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 3b4403981623f87f5f9586eff10ed677
bd79070cf651c84c688db972c509c775c36748e3
2395b600d2969062bd3e90d1f3eda36ce8bb03d9e0dda96b0e51dd8e9a8ca9e4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 22 Jan 2023 14:48:56 GMT
ETag: "bd79070cf651c84c688db972c509c775c36748e3"
Last-Modified: Wed, 18 Jan 2023 14:48:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 50
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b89c67fc8bb518-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2165340e42c7d4fd42a8c57e1369d71a
7fd0f2e2ae9a3951678ee0ef824b5ad648fe377b
1731ec3966e6943bf8a25150be04156940dbf5427c7167f9684b552ec4b135a3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 11:53:09 GMT
Expires: Wed, 25 Jan 2023 11:53:08 GMT
Etag: "7fd0f2e2ae9a3951678ee0ef824b5ad648fe377b"
Cache-Control: max-age=588654,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b89c66cd890b41-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 97a33b7645ebec21f0d3e21a250ecd30
e7befb17b01460286c9db08e92914f93f79510cf
608ba60c1f64e2051ad26dca760aedccc37f3353284b5df83c6d37b60584bafb
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 15:23:06 GMT
Expires: Wed, 25 Jan 2023 15:23:05 GMT
Etag: "e7befb17b01460286c9db08e92914f93f79510cf"
Cache-Control: max-age=601251,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b89c66e99eb529-OSL
rootnetworksdv.ocsp-certum.com/
23.36.79.17200 OK 1.5 kB URL HTTP/1.1 rootnetworksdv.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ec1884517d284307a54a1f65ff67f8d4
51ebe82dce67abdd22585ee17175943b2ff6627e
5c12dacfb57bf75276cf8c755f5e9d8e25742abe183678200693fbddf671d385
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
X-N: S
2k.qfbj2.com/template/web/GG/a06.gif
23.224.221.53200 OK 111 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/a06.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /template/web/GG/a06.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 110624
last-modified: Sat, 18 Jun 2022 04:10:23 GMT
etag: "62ad502f-1b020"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/k7.gif
23.224.221.53200 OK 104 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k7.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 71 x 71\012- data
Size 104 kB (104461 bytes)
Hash 9e38a9cebde88f45563c4aae36723d3a
126439ba503fc1757864c12e086fd0f1a165a4bc
93054ef4224e847d308892f23ca8d0bf210d5ba26d8c39502eb7016efd97501d
GET /template/web/GG/k7.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 104461
last-modified: Fri, 27 May 2022 05:30:59 GMT
etag: "62906213-1980d"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/11.gif
23.224.221.53200 OK 76 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/11.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 200 x 99\012- data
Hash b91a52dc89525aa53fa4cc9f51313fa5
04be88b70acd504b7bf5a9bb107b63da8c488639
91b59a9d450ebdc06502d1279ee2eef209a84a5d0434a46874a32c9bbc831ba9
GET /template/web/GG/11.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 76147
last-modified: Wed, 11 May 2022 08:23:40 GMT
etag: "627b728c-12973"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/fonts/iconfont.woff
23.224.221.53200 OK 525 B URL HTTP/2 2k.qfbj2.com/template/meizhuama/fonts/iconfont.woff
IP 23.224.221.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/meizhuama/fonts/iconfont.woff HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2k.qfbj2.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: font/woff
content-length: 525
last-modified: Sun, 06 Mar 2022 14:12:36 GMT
etag: "6224c154-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/7.gif
23.224.221.53200 OK 159 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/7.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 159 kB (159399 bytes)
Hash 7c1ced688d2af934a1800ae8d89a226f
558b8353f1d66992ce01a67ba66af0ac966877bc
5acf95935750544793683da337ec48ecbadd4ecfe5c1b714ad47c97b5849c02f
GET /template/web/GG/7.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 159399
last-modified: Fri, 11 Mar 2022 16:19:12 GMT
etag: "622b7680-26ea7"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/k1.gif
23.224.221.53200 OK 167 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k1.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 167 kB (167104 bytes)
Hash 9387415ad469299bf6e3bb5c1bbc77e2
cc52974b6ed2239afbbd4088c675fceb0d75cd22
912ce0aceb7de66266542ec85454be033b0a285c975dd7fc8f0d43eecb8716ce
GET /template/web/GG/k1.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 167104
last-modified: Fri, 27 May 2022 05:30:54 GMT
etag: "6290620e-28cc0"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/k20.gif
23.224.221.53200 OK 102 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k20.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 124 x 124\012- data
Size 102 kB (101861 bytes)
Hash da1fca07307a6c03cdcfb2d47313113a
f28a95877fad9e725a287466984d496ef7d53afb
9529e1f4226891780f02c558b7b75427b86eb8afa9e5667fd6e8527abf322209
GET /template/web/GG/k20.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 101861
last-modified: Sat, 04 Jun 2022 02:42:14 GMT
etag: "629ac686-18de5"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/a08.gif
23.224.221.53200 OK 80 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/a08.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 3b6a5179b4a06bb8c98cab3aeaa698ed
c798dc8b16e3feaf91392cfa1cf839b4556fc243
64d5d65c65f47564411cce16d70dcca2aa83d5ad212ac46d3d9d0ba4ab8aee96
GET /template/web/GG/a08.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 80545
last-modified: Sat, 18 Jun 2022 04:10:24 GMT
etag: "62ad5030-13aa1"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21273067.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21273067.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash cfcc5c0f08c9a6462e6df16aa6478f07
720c84b3ccebf991458af7705d0bb0c41365b8ac
817c678f9b62b0db6f870cc391b17261be96bb9c428199372176794583f9691f
GET /21273067.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=2ffc8352e8b973b20c5; path=/
HWWAFSESTIME=1674058331213; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
2k.qfbj2.com/template/web/GG/d2.gif
23.224.221.53200 OK 162 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/d2.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 162 kB (161572 bytes)
Hash 64c0f3edc7b3bfd2a2c009f3b93ebd7d
70dee1bf54047d14220328f8ab47d299a679a519
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
GET /template/web/GG/d2.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 161572
last-modified: Wed, 16 Mar 2022 16:12:17 GMT
etag: "62320c61-27724"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 50a805bdd7a413e9bad08b2775924947
f18f57a057697b6c8a638994c2bb8593f31d9340
61d6e6c85d3634a3e329f329732f6cc20d307bb3925d71c7f626555a90af27c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:26:08 GMT
Expires: Mon, 23 Jan 2023 15:26:07 GMT
Etag: "f18f57a057697b6c8a638994c2bb8593f31d9340"
Cache-Control: max-age=428633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b89c679bdfb51e-OSL
2k.qfbj2.com/template/web/GG/k15.gif
23.224.221.53200 OK 142 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k15.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 235 x 235\012- data
Size 142 kB (141895 bytes)
Hash 0642504c72f3cf9929cfb7544deaca87
16d7028c32010330f5c9f2f8e71a69c4c7bcc859
a102356e14a84a958f692e5e9c2c4d2aa9765bc4cbc3232f9108ec8b46d5b07b
GET /template/web/GG/k15.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 141895
last-modified: Sat, 28 May 2022 04:43:33 GMT
etag: "6291a875-22a47"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/a01.gif
23.224.221.53200 OK 156 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/a01.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 156 kB (156311 bytes)
Hash c1cd6fbcc60e4242fb31eb894d7d9450
1b0a2ba85f38fa452a391250067e916ac7b61345
aca31490b0e0478395648fb5f6ce318b56a4a443c7a64e069c71cee6c0f0bb44
GET /template/web/GG/a01.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 156311
last-modified: Sat, 18 Jun 2022 04:10:19 GMT
etag: "62ad502b-26297"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/5.gif
23.224.221.53200 OK 292 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/5.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 256 x 256\012- data
Size 292 kB (291780 bytes)
Hash c41af62e6356770c1f7df79bbb3e1db5
0f765c11424aaa51365ec92c18ff4f75a972da5a
0b8a47216bb974bf8ce36542085e3dfb1b5fcf476efd4da2b630c4a325580de4
GET /template/web/GG/5.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 291780
last-modified: Wed, 11 May 2022 08:12:54 GMT
etag: "627b7006-473c4"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/d1.gif
23.224.221.53200 OK 320 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/d1.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 448 x 359\012- data
Size 320 kB (320301 bytes)
Hash 7d3239796daffe24e71eb0e44146f02b
533c9fe388fdb5cc5f807a7358dcd4d1b14bf817
7ae555d64a9c2cbf44806af21930c753b5dc3649be922206fc10ea83efa19523
GET /template/web/GG/d1.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 320301
last-modified: Wed, 11 May 2022 08:33:50 GMT
etag: "627b74ee-4e32d"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 418d4ee5f409b6e02243572578ccdf5a
e29e88adedf86c7788b4a005312c3015ee2be475
cd6d815f55c3a174cb5f137dfb84cf7cc54155ce492d5e804232da6af1eccf35
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=867
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
X-N: S
2k.qfbj2.com/template/web/GG/dp1.gif
23.224.221.53200 OK 141 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/dp1.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 141 kB (141174 bytes)
Hash 2846430b1663c942a9d2a92c559667cd
2b7d07a004fa13af572b8d5d6317594c1eee9eec
b1357936607e4478fa840a29b58e6714f0063f4a90e28571bd8c8be4e175d74e
GET /template/web/GG/dp1.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 141174
last-modified: Mon, 25 Apr 2022 12:29:49 GMT
etag: "6266943d-22776"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/t1.gif
23.224.221.53200 OK 221 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/t1.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 221 kB (221303 bytes)
Hash 633e79a4d76e09af28eb7617340a6330
0aaef1ed9eed51ca839c4b8e88ca4988e27ec6cb
7363c1c913be071eb6240c6600c17b65e81b092944bb5f14c7013b5f96190fb3
GET /template/web/GG/t1.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 221303
last-modified: Tue, 10 May 2022 09:20:00 GMT
etag: "627a2e40-36077"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/t2.gif
23.224.221.53200 OK 254 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/t2.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 254 kB (253670 bytes)
Hash bace60a0adc9bdd54f7c83058456a847
4867fd68497b7db5c4e5bbdde781cf098dbabd22
17a4f7b3d5caf413211515976326969951cc1bb9a3e32a9caa885fd6e3109368
GET /template/web/GG/t2.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 253670
last-modified: Tue, 10 May 2022 09:20:01 GMT
etag: "627a2e41-3dee6"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/y4.gif
23.224.221.53200 OK 258 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/y4.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 258 kB (257689 bytes)
Hash bbdd0bdf651352117671a182ae649b36
0913dc12c9378d9d5bc6aeefdba042fad4f95e8a
c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c
GET /template/web/GG/y4.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 257689
last-modified: Tue, 10 May 2022 09:20:09 GMT
etag: "627a2e49-3ee99"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/2.gif
23.224.221.53200 OK 620 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/2.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 620 kB (620010 bytes)
Hash 8171edd386b6abd105c0ff0e740330d9
7914e2b95f29d65b0ffb8e6daf7f54dc14da0ae0
5044971fcc4e0c4837e7e586b858fba8257feeed88812253aa9ee2396915c40a
GET /template/web/GG/2.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 620010
last-modified: Wed, 11 May 2022 08:12:37 GMT
etag: "627b6ff5-975ea"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7f70ca84ed2c2a5f43379c9304d1ab7e
1e8f4569503f8221848f543cf4c19a3043ebd1df
b635f55bb89630dc19a9525d7faf78cfe30270db893d34dbf5251b5d103aed5b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 22 Jan 2023 12:44:55 GMT
ETag: "1e8f4569503f8221848f543cf4c19a3043ebd1df"
Last-Modified: Wed, 18 Jan 2023 12:44:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1743
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b89c690e18b518-OSL
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f5bfc18d81657d2edc0b527272a3b512
dd742056cbd891cb3b25e7fb47cb29aeddea8f80
ec32995d010abce62ffc146bf8a5f45ce38d9e447283f6f0c54669d62bbbcd8d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=843
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a205077205b8116138b8ed765673a448
ce67454700c786dc2b11166bfbebf2ff6219cca2
df4038cbcf07b92971ad354a3da0521b71f1d9610d3acf0ce8dfb38211d0a87d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 18:26:30 GMT
Expires: Mon, 23 Jan 2023 18:26:29 GMT
Etag: "ce67454700c786dc2b11166bfbebf2ff6219cca2"
Cache-Control: max-age=439455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b89c686c20b523-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 94c382b1ea79c774911a4fa2a1bdafbe
e83556bb86521e36816e5cfc63b1ed1db98f6c13
f142f4a81c87ebba493cb1b9f08de6260b7a8bfe3dced5495ab50fb226e0c5ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F142F4A81C87EBBA493CB1B9F08DE6260B7A8BFE3DCED5495AB50FB226E0C5FF"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17434
Expires: Wed, 18 Jan 2023 21:02:47 GMT
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 94c382b1ea79c774911a4fa2a1bdafbe
e83556bb86521e36816e5cfc63b1ed1db98f6c13
f142f4a81c87ebba493cb1b9f08de6260b7a8bfe3dced5495ab50fb226e0c5ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F142F4A81C87EBBA493CB1B9F08DE6260B7A8BFE3DCED5495AB50FB226E0C5FF"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16370
Expires: Wed, 18 Jan 2023 20:45:03 GMT
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
image.tnmvgr.cn/oms.1511122.com/1672811733462-960x60.gif
47.246.44.206200 OK 109 kB URL HTTP/1.1 image.tnmvgr.cn/oms.1511122.com/1672811733462-960x60.gif
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 109 kB (109246 bytes)
Hash e573c37ce1ba8b57e8dfb8fcd43368c9
f5da3a1479bfd18c820893899b5b478df5d02d3c
d9f97dfc186d336e8a5da72bffc7b70378bf87f68de9af20d59a8b88ff271d53
GET /oms.1511122.com/1672811733462-960x60.gif HTTP/1.1
Host: image.tnmvgr.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 109246
Connection: keep-alive
Date: Wed, 18 Jan 2023 15:56:00 GMT
x-oss-request-id: 63C816905112A0323031F7C9
Vary: Origin
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E573C37CE1BA8B57E8DFB8FCD43368C9"
Last-Modified: Wed, 04 Jan 2023 05:55:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5454499210466108819
x-oss-storage-class: Standard
Content-MD5: 5XPDfOG6i1fo37j81DNoyQ==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1674057360
Via: cache10.l2de2[0,0,304-0,H], cache20.l2de2[1,0], cache7.se1[0,0,200-0,H], cache4.se1[1,0]
Age: 973
X-Cache: HIT TCP_MEM_HIT dirn:11:366226362
X-Swift-SaveTime: Wed, 18 Jan 2023 16:00:38 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9816740583337064210e
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 94c382b1ea79c774911a4fa2a1bdafbe
e83556bb86521e36816e5cfc63b1ed1db98f6c13
f142f4a81c87ebba493cb1b9f08de6260b7a8bfe3dced5495ab50fb226e0c5ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F142F4A81C87EBBA493CB1B9F08DE6260B7A8BFE3DCED5495AB50FB226E0C5FF"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16386
Expires: Wed, 18 Jan 2023 20:45:19 GMT
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4013b4c8b3e7c3a1a0ac60b600d13e5
64c291308a6f76fc8803b4e420a903319cd3b974
c5e838a2aebbc73c6dec5ba3bec4d547d9395438e167919141a18374f68d49d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5E838A2AEBBC73C6DEC5BA3BEC4D547D9395438E167919141A18374F68D49D3"
Last-Modified: Wed, 18 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17989
Expires: Wed, 18 Jan 2023 21:12:02 GMT
Date: Wed, 18 Jan 2023 16:12:13 GMT
Connection: keep-alive
2k.qfbj2.com/template/web/dh2.js
23.224.221.53200 OK 303 kB URL HTTP/2 2k.qfbj2.com/template/web/dh2.js
IP 23.224.221.53:0
Size 303 kB (302793 bytes)
Hash 0b8ea679edac10ff413a7e8e2a2e9917
b3eb05a3d62623a59091587e4510333b97efee06
894cd2410c41558d5db41eb7a1f512a9d53cb2a9b31bd4204836168ddb299c89
GET /template/web/dh2.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 04:26:40 GMT
vary: Accept-Encoding
etag: W/"63c62380-36c3"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/ppll.gif
23.224.221.53200 OK 965 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/ppll.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 480 x 270\012- data
Size 965 kB (965446 bytes)
Hash 5f87eaa078aeb58fbe6a932225fe00e2
d155153be18e5b37704fa2b046751373a23bd708
55f2f4507e307aa3a6f26e06744510894d6a35a5289600b60120ddfca84e1cf9
GET /template/web/GG/ppll.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 965446
last-modified: Thu, 01 Dec 2022 04:59:54 GMT
etag: "638834ca-ebb46"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/xx2.js
23.224.221.53200 OK 563 kB URL HTTP/2 2k.qfbj2.com/template/web/xx2.js
IP 23.224.221.53:0
Size 563 kB (562567 bytes)
Hash abb4790dde4ef801104ee2fc78b63dd2
92afd36601a4388422f449c600c3c6aaf25eb0ec
213ee30d38685a37673958d4e37fc4f6ac827d8d9cd02401c12dda48bfef798c
GET /template/web/xx2.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 14:32:24 GMT
vary: Accept-Encoding
etag: W/"63c6b178-669"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/fonts/iconfont.ttf
23.224.221.53200 OK 1.2 kB URL HTTP/2 2k.qfbj2.com/template/meizhuama/fonts/iconfont.ttf
IP 23.224.221.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /template/meizhuama/fonts/iconfont.ttf HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: application/octet-stream
content-length: 1163
last-modified: Sun, 06 Mar 2022 14:17:48 GMT
etag: "6224c28c-48b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/4.gif
23.224.221.53200 OK 279 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/4.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 200 x 113\012- data
Size 279 kB (279026 bytes)
Hash 42809e0a73309f01de7651ab3b712cb4
19a1658a10d4e8ca6831a824d4bccbb35dcbf113
da7e1e1332d196cde6cc3a7b9c758abb4493e9708799e7836551823dd399b13d
GET /template/web/GG/4.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 279026
last-modified: Wed, 11 May 2022 08:12:44 GMT
etag: "627b6ffc-441f2"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/k19.gif
23.224.221.53200 OK 288 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/k19.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 140 x 140\012- data
Size 288 kB (287575 bytes)
Hash e758cbb971464ca5059e4cdbc1a7601f
615032c5f3516cd6d685bde3c1214a5d05833cd1
df4ecca258502e6c66deb343d9fc8d0bf05e46927194a2e1bc6c652fb80ba71d
GET /template/web/GG/k19.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 287575
last-modified: Sat, 04 Jun 2022 02:42:13 GMT
etag: "629ac685-46357"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/a07.gif
23.224.221.53200 OK 356 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/a07.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 344 x 292\012- data
Size 356 kB (355956 bytes)
Hash 7fcc1b0bc144505a6445039f16e7ae84
c102af587f677b89bb65f7e850a4ca4b41a45456
409d94d159f6c851b76881b6937460458b25a246e45bf6ab98f34efd9474ede8
GET /template/web/GG/a07.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 355956
last-modified: Sat, 18 Jun 2022 04:10:23 GMT
etag: "62ad502f-56e74"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?959981931bea09b9a10c9c552a50e761
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?959981931bea09b9a10c9c552a50e761
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash fdf392dd17ba3692f879b7162f312be9
9c58b16837f796b3faa99ff0ca2b96e5c048683b
d2ccef6c3d340202d52cc1d125e36b717aa528d8356145d15f75ef9cba659fb8
GET /hm.js?959981931bea09b9a10c9c552a50e761 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 18 Jan 2023 16:12:13 GMT
Etag: be29fc49b07f1933537fb19942601764
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6A15A8B1A4D37E27; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kvevv.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.94200 OK 288 kB URL HTTP/1.1 kvevv.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.94:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 288397
Connection: keep-alive
Date: Sat, 24 Dec 2022 08:26:22 GMT
Last-Modified: Sat, 24 Dec 2022 08:23:21 GMT
ETag: "e17bb688cfdae836ea866c47e92a022a"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: 7WMDjKMS3QNdPWe-WvC8WQm503asv2EV8FkMIxx35djdt4tNfwnreg==
Age: 2187952
2k.qfbj2.com/template/web/GG/a13.gif
23.224.221.53200 OK 674 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/a13.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 393 x 262\012- data
Size 674 kB (673882 bytes)
Hash 8f0aa6d32c03c602b0480194b2efdf4a
a2dfc596103bf743c9cf389e2b7a481a8bbedc96
2a54a439ea081c5418030b63dd4e0f247ff7089b1d7ba67a0fe6e2abcf466658
GET /template/web/GG/a13.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 673882
last-modified: Mon, 20 Jun 2022 04:59:33 GMT
etag: "62affeb5-a485a"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/dp2.gif
23.224.221.53200 OK 767 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/dp2.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 767 kB (766938 bytes)
Hash 06f924cdbba4e6c4765765139a404682
7eaadc65f26a4fe45240e14f96c29aa53e721775
514dc1d00a06bed8dbb2a891aa73b6ff70cd32772f582df1c2c959c856d45a5d
GET /template/web/GG/dp2.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 766938
last-modified: Mon, 25 Apr 2022 12:29:50 GMT
etag: "6266943e-bb3da"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/dp4.gif
23.224.221.53200 OK 747 kB URL HTTP/2 2k.qfbj2.com/template/web/GG/dp4.gif
IP 23.224.221.53:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 747 kB (746571 bytes)
Hash 84e8edecf6c28c8218e0a7b1ad9ea414
3897e6bf1a2292c59b45e44d2b9c38e45f8f9a6f
356abb92d87698d59a4af16304d13e760b032739634c495fba68568e82d5c1ce
GET /template/web/GG/dp4.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 746571
last-modified: Mon, 25 Apr 2022 12:29:52 GMT
etag: "62669440-b644b"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 5d7a8e94abcfde0f570065019b830f30
cc5be316a47d07b2044066f3cc6c509f67b12815
ecc17340f99b75be0b491bff654b29a73d6c1c3e225ecf8ad6116f76cb6bf2b0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=844
Date: Wed, 18 Jan 2023 16:12:14 GMT
Connection: keep-alive
X-N: S
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
13.227.254.100200 OK 919 kB URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 13.227.254.100:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 918679
last-modified: Mon, 19 Dec 2022 07:54:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 18 Jan 2023 15:27:41 GMT
etag: "956582dd3aa22ca9b19bdd1d5e091e24"
x-cache: Hit from cloudfront
via: 1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 9GuT1qi_x8p5qb3QTbKOLDEMHTbvsGHOjq9SEHC8r8ee1tuORQxcDg==
age: 2673
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 63912d4218f4ed364e9a1514db3cba69
72607774f04e20d7bbef780bbb5c6b716782e3f9
3135c1bac56aa082477cd7e5a1cf8e713f2c1f8e4bffb79b7585e182205a4cac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 960
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 16:12:14 GMT
Etag: "63c7193b-2d7"
Last-Modified: Wed, 18 Jan 2023 15:56:14 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 727
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash fbfd37582000a7264560b7bb153a7737
d6c99d3c2265db8c74b7a7b689c9ffe713c1d63d
b1a4bad403617ef18fb3864308ce8ab17f8b46637c7f516a02824997bdbfa341
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107881
Date: Wed, 18 Jan 2023 16:12:14 GMT
Etag: "63c70580-1d7"
Expires: Thu, 19 Jan 2023 22:10:15 GMT
Last-Modified: Tue, 17 Jan 2023 20:30:56 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r6O062Vbnv9P5O4G-BJzMBVzkk6rq-WNjzUfkv1iuR9VdCBHY8PcLA==
Age: 5959
p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
47.246.44.229200 OK 343 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 343 kB (343002 bytes)
Hash ce862703bd3a6fd9e7acc3c32453fe84
c27754e24547e935314ba986477cd326628af7e4
eb9f779660b2713488854f27a211239724bb29b842e939424ec882b51520350b
GET /obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 343002
date: Sat, 17 Dec 2022 10:28:23 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 10:00:43 GMT
nw-session-id: 2022121718004301013113605215982497p5k6801dy
nw-session-trace: 2022-12-17T18:00:43.827293149+08:00 42
x-bdcdn-cache-status: TCP_HIT
x-length: 343002
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 18:00:43 GMT
x-tt-logid: 2022121718004301013113605215982497
via: n128-134-083, cache14.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[3,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:15:482::74
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010ec35d8338a3c1341674e3d2464ee09a429c9c5af2fc930930b9ec60625c05f3b71a3d79f906afd2479681df4ec15d8b01af344e24d3e5df5584a5196f7e0400dfccab4c7d44dab881b7b096fd4eb23fa223bfc14da29e326a459a9a6aa15d8b
x-response-lb: image
ali-swift-global-savetime: 1671272903
age: 2785431
x-cache: HIT TCP_MEM_HIT dirn:9:164853675
x-swift-savetime: Sat, 17 Dec 2022 11:36:55 GMT
x-swift-cachetime: 31531888
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816740583341504561e
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?86ea3af34e71a9d5eae3e3255c8ace53
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?86ea3af34e71a9d5eae3e3255c8ace53
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash fd2ede78803e357ad3975f945ef80422
c09676fbfd1f2734c15e0e4aef2ef72e8d833fcc
afe02d257536283127447bd757d894cbe01d08eedca08e4c677cd22dc225e74b
GET /hm.js?86ea3af34e71a9d5eae3e3255c8ace53 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 18 Jan 2023 16:12:13 GMT
Etag: b45da03725b29ff798c48679a31d38f3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1C4527398953240D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.102200 OK 396 kB URL HTTP/2 kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.102:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 20 Dec 2022 23:20:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8c73194b247676a80d86714cba2447a4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: z4O3KoBurr5cULzWk2UU2NQaN_9vmdBEohH6Z5JP1gIjEvIZWo1tlw==
age: 2479926
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/zxbf.js
23.224.221.53200 OK 100 kB URL HTTP/2 2k.qfbj2.com/template/web/zxbf.js
IP 23.224.221.53:0
Size 100 kB (100413 bytes)
Hash 185b0cbde7161897017e43fb0b9a706a
cdd8eb040cb47fbe814be234965662c6c3a1f8aa
faed341686f800cba028f717e1cddfdaf19d06d910b0bcde110b6a4e6488409d
GET /template/web/zxbf.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 04:29:43 GMT
vary: Accept-Encoding
etag: W/"63c62437-14c4"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
8499683.com/8499/zzxx/960x60.gif
172.247.50.229200 OK 291 kB URL HTTP/2 8499683.com/8499/zzxx/960x60.gif
IP 172.247.50.229:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1760629624&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32294&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1760629624&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32294&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1760629624&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32294&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 18 Jan 2023 16:12:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=93604F50BA5D3B4A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
3718896ccc.com/c76b6b83f68449898dbeba8d3afeeb17.gif
45.61.212.46200 OK 429 kB URL HTTP/1.1 3718896ccc.com/c76b6b83f68449898dbeba8d3afeeb17.gif
IP 45.61.212.46:0
File type GIF image data, version 89a, 750 x 100\012- data
Size 429 kB (428715 bytes)
Hash 8210df04bd6396b170b8feb016ae687f
e3a485ecef81f1464cefb0c321c8747190e8b762
cf47ae179a9a0a1a8d7f149af54bc698aca7eca03a0b2436eb929eb908637738
GET /c76b6b83f68449898dbeba8d3afeeb17.gif HTTP/1.1
Host: 3718896ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c4f987-68aab"
Date: Mon, 16 Jan 2023 07:15:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 16 Jan 2023 07:15:19 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 428715
66668aaa.com/2650173e69ec4b84b29634bd395a4c91.gif
45.61.212.224200 OK 857 kB URL HTTP/1.1 66668aaa.com/2650173e69ec4b84b29634bd395a4c91.gif
IP 45.61.212.224:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 857 kB (857145 bytes)
Hash cf250ba4debf89cc57f49709d7cb73b0
ef7b4219780eedca6dde0a5b46278cd8120bf00f
952f1be23b3fc8df89b231db9a483f55ccd73486d8fe3e71c07e70405cbd4d4a
GET /2650173e69ec4b84b29634bd395a4c91.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c6b058-d1439"
Date: Tue, 17 Jan 2023 14:34:19 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 17 Jan 2023 14:27:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-24
Content-Length: 857145
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 053b71b572245f6b2969177ba123cb2f
ddb7cd99903ca0d20099e1dded4439d03bc6b4f6
70fd2db176bf5ace19b842fa485cab416843c33a18d94a61b574cfe799a146ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70FD2DB176BF5ACE19B842FA485CAB416843C33A18D94A61B574CFE799A146AC"
Last-Modified: Tue, 17 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17930
Expires: Wed, 18 Jan 2023 21:11:04 GMT
Date: Wed, 18 Jan 2023 16:12:14 GMT
Connection: keep-alive
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
13.227.254.64200 OK 902 kB URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 13.227.254.64:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 902313
last-modified: Thu, 15 Dec 2022 02:17:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 17 Jan 2023 23:29:15 GMT
etag: "8b4a95ea7cfbb7fb4d2b18efca5145f3"
x-cache: Hit from cloudfront
via: 1.1 9c281f6d3073335c1b2f806823d50e2a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 1WDJMSOwS15ytx4laiVSot8F709G10CJiXiApSIMKX15f_y3nfbppQ==
age: 60179
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1967014563&si=86ea3af34e71a9d5eae3e3255c8ace53&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32294&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1967014563&si=86ea3af34e71a9d5eae3e3255c8ace53&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32294&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1967014563&si=86ea3af34e71a9d5eae3e3255c8ace53&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32294&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 18 Jan 2023 16:12:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=42AA08B3D7843F05; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 909919f7d31f1d127b2cfc0df7b4be7d
0ecfc6ba6db9e6600b26066dc11ca56853aead94
cb2c46d7bbc5c3a8e11128153d01d59d961727c2ba8006505e967b6654f66675
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 03:05:08 GMT
Expires: Tue, 24 Jan 2023 03:05:07 GMT
Etag: "0ecfc6ba6db9e6600b26066dc11ca56853aead94"
Cache-Control: max-age=470572,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78b89c6e3e070b41-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 4952ae078a578cdb55e1b1ca5ab0d998
cf4deb7467b9baf2d610915ac6eb0ab451a0edb4
e9d9f232619a0cf9a5b655eb3570c5d9b0eabff7edb30d7f843f7867acaf6498
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 22 Jan 2023 13:43:28 GMT
ETag: "cf4deb7467b9baf2d610915ac6eb0ab451a0edb4"
Last-Modified: Wed, 18 Jan 2023 13:43:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2617
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b89c6fabbeb4ee-OSL
2k.qfbj2.com/template/web/app.js
23.224.221.53200 OK 215 kB URL HTTP/2 2k.qfbj2.com/template/web/app.js
IP 23.224.221.53:0
Size 215 kB (215226 bytes)
Hash a3e42b3bd10ae0ccf2fec039cf3c4684
3d1a3eafb1a41070c5c5795061cf75c07791b45d
7569f5940a0fa2289707fd341089ad057779a5585b17571509c3f384027ae4f3
GET /template/web/app.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 04:25:53 GMT
vary: Accept-Encoding
etag: W/"63c62351-3246"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/xx3.js
23.224.221.53200 OK 272 kB URL HTTP/2 2k.qfbj2.com/template/web/xx3.js
IP 23.224.221.53:0
Size 272 kB (271619 bytes)
Hash 9c3387e643b0fe9de73765bddc9794b0
30b1866403f2804d58ce1b3d06e12105d536d8bf
e5eb4e5796aca3f08d7a52821c5a846218f7ffbd783423f34914218ecc84d923
GET /template/web/xx3.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 14:32:33 GMT
vary: Accept-Encoding
etag: W/"63c6b181-13e4"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/dh1.js
23.224.221.53200 OK 139 kB URL HTTP/2 2k.qfbj2.com/template/web/dh1.js
IP 23.224.221.53:0
Size 139 kB (138553 bytes)
Hash abe50d71759c7ef7bf4c4f6df6cf5470
b801bc147a27adf26e37acfb914d3bb0e8243633
7c245ad44ff1289e838d11a9955c4e8d0eeb4da903adedcc92533e2f10252468
GET /template/web/dh1.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 04:26:22 GMT
vary: Accept-Encoding
etag: W/"63c6236e-33ec"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
baidu6image6sina38.com/pics/960x160.gif
202.79.168.156200 OK 1.1 MB URL HTTP/2 baidu6image6sina38.com/pics/960x160.gif
IP 202.79.168.156:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1072940 bytes)
Hash 218522b7d7aafbbec214d830e5083e63
e1b3acc2834522983092148ae0a8655b54c8e94c
b41b23a889d2b8ce6d476e9e695f881a1d9dee8e5fcee0ef054ff4a245ae14fc
GET /pics/960x160.gif HTTP/1.1
Host: baidu6image6sina38.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
content-length: 1072940
last-modified: Sun, 15 Jan 2023 08:34:00 GMT
etag: "63c3ba78-105f2c"
expires: Fri, 17 Feb 2023 16:12:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
baidu6image6sina38.com/pics/960x80.gif
202.79.168.156200 OK 610 kB URL HTTP/2 baidu6image6sina38.com/pics/960x80.gif
IP 202.79.168.156:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 80\012- data
Size 610 kB (610044 bytes)
Hash b27497b12ab8408c575804f5bae22bc2
210a46c5811435945b2ef6227c9eb22a13cd6f78
3f1563e29b1a848d447a38d9890301b760076756cbc5ae594273a3aa59d7664b
GET /pics/960x80.gif HTTP/1.1
Host: baidu6image6sina38.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
content-length: 610044
last-modified: Sun, 15 Jan 2023 08:30:56 GMT
etag: "63c3b9c0-94efc"
expires: Fri, 17 Feb 2023 16:12:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kzeoo.com/dc6a101fe66ff5b5451c5cfd06a5d193.gif
172.83.155.45200 OK 370 kB URL HTTP/2 kzeoo.com/dc6a101fe66ff5b5451c5cfd06a5d193.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 370 kB (369588 bytes)
Hash 8798d5e84c5026dc0ae409029e085cea
97ac4e376967d94bed563a5682f6dce3b3f797cc
d916e69d45187a9dc42167043c6e45406a088e6d7352c6c79cefcc0e60c8c6e3
GET /dc6a101fe66ff5b5451c5cfd06a5d193.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
content-length: 369588
last-modified: Tue, 16 Aug 2022 11:19:06 GMT
etag: "62fb7d2a-5a3b4"
expires: Thu, 19 Jan 2023 04:12:13 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 728862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvR4cuCH315119fEm0zaYuiuHyMvhMOoLBNvCpWFGQU4LMuXjvGKS%2FMHCzFdP6o4iv65ZmfwljuwU4rJ1O40eXqVtHafPXXuINXJUZ7uwUH6U9arny%2FCpHt%2F5w3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 789066de1e42eb57-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 29368babd08fc20d27dd3a91b3421ce8
654ed32484beb78b58e4e7d03894c2ab85003e4d
70ee056663df2a391579dd950f94a8819c2f94335a70015473589213d08209d9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 18 Jan 2023 15:47:26 GMT
last-modified: Tue, 17 Jan 2023 17:47:55 GMT
expires: Tue, 24 Jan 2023 17:47:54 GMT
etag: "654ed32484beb78b58e4e7d03894c2ab85003e4d"
cache-control: max-age=582340,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78b87818dc649259-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674056846
via: cache15.l2de2[0,0,304-0,H], cache16.l2de2[0,0], cache1.se1[84,83,200-0,H], cache4.se1[86,0], cache5.se1[87,0]
age: 1488
x-cache: HIT TCP_REFRESH_HIT dirn:2:212205283
x-swift-savetime: Wed, 18 Jan 2023 16:12:14 GMT
x-swift-cachetime: 312
timing-allow-origin: *, *
eagleid: 2ff62c9916740583348214895e, 2ff62c9916740583348214895e
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 29368babd08fc20d27dd3a91b3421ce8
654ed32484beb78b58e4e7d03894c2ab85003e4d
70ee056663df2a391579dd950f94a8819c2f94335a70015473589213d08209d9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 18 Jan 2023 15:47:26 GMT
last-modified: Tue, 17 Jan 2023 17:47:55 GMT
expires: Tue, 24 Jan 2023 17:47:54 GMT
etag: "654ed32484beb78b58e4e7d03894c2ab85003e4d"
cache-control: max-age=582340,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78b87818dc649259-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674056846
via: cache15.l2de2[0,0,304-0,H], cache16.l2de2[0,0], cache1.se1[0,0,200-0,H], cache4.se1[0,0], cache8.se1[3,0]
age: 1488
x-cache: HIT TCP_MEM_HIT dirn:2:212205283
x-swift-savetime: Wed, 18 Jan 2023 16:12:14 GMT
x-swift-cachetime: 312
timing-allow-origin: *, *
eagleid: 2ff62c9c16740583349122506e, 2ff62c9c16740583349122506e
9030a.cc/1008-960x60.gif
154.85.10.21200 OK 245 kB IP 154.85.10.21:0
ASN #211392 Dream Cloud Innovation Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245135 bytes)
Hash b6eb4d9fd04fe63a7687677a8036e237
eac3cedc645a39478dc6ad3ec6ea97db621174b8
6b61596ae15b088b70b49d17c7b47eaffaa5f235c9215459334b85039af7f008
GET /1008-960x60.gif HTTP/1.1
Host: 9030a.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 04 Oct 2022 14:45:04 GMT
Accept-Ranges: bytes
ETag: "5c7ab8e3ffd7d81:0"
Server: Microsoft-IIS/8.5
Date: Wed, 18 Jan 2023 16:12:09 GMT
Content-Length: 245135
X-Via: 1.1 localhost.localdomain (random:85111 Fikker/Webcache/3.7.8)
Set-Cookie: fikker-tkjk-8I2E=6AJN4WT7BW0g0mIaVuK7h92mbGRsXQjs; expires=Thu, 19 Jan 2023 02:40:02 GMT; max-age=7200; path=/
fikker-tkjk-8I2E=6AJN4WT7BW0g0mIaVuK7h92mbGRsXQjs; expires=Thu, 19 Jan 2023 02:40:02 GMT; domain=.cc; max-age=7200; path=/
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOiavFpnSj4iclWL0ZIe8L7lRTY2TqJMia0N38/0
43.154.254.32200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOiavFpnSj4iclWL0ZIe8L7lRTY2TqJMia0N38/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7PJmjpJPGJOiavFpnSj4iclWL0ZIe8L7lRTY2TqJMia0N38/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Sat, 31 Dec 2022 07:19:17 GMT
cache-control: max-age=2592000
x-delay: 45102 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: a5c61fba-32bb-4731-8a2f-f4f5067ac354
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/dbxf.js
23.224.221.53200 OK 56 kB URL HTTP/2 2k.qfbj2.com/template/web/dbxf.js
IP 23.224.221.53:0
Hash 4ec8a7fdc9c5f2e5a61dcdb6d2e63c06
6e08dc59a41e2a60ff76a8f65907bc3241071ce7
710ee75398c323a4c7d904e57ae743ae1d13f12b8028bd36af88ee8ecf90e079
GET /template/web/dbxf.js HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 17:25:27 GMT
vary: Accept-Encoding
etag: W/"63bef107-7ab"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.67200 OK 299 kB URL HTTP/1.1 383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.67:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63C81A5D9B92023833CEF280
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 3
cdn-jinjutupian-cdn.com/jj/640-100.gif
172.247.80.60200 OK 71 kB URL HTTP/2 cdn-jinjutupian-cdn.com/jj/640-100.gif
IP 172.247.80.60:0
File type GIF image data, version 89a, 640 x 100\012- data
Hash cdc759f1218c304fd70a17ee805fdd2b
0a4c54b190aebcd416d0785abb0643d51bf78bd9
d4b0f1eef2faf4601d707cec784124302ad79833c2b422c204739d8c30de0ab0
GET /jj/640-100.gif HTTP/1.1
Host: cdn-jinjutupian-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:14 GMT
content-type: image/gif
content-length: 70615
last-modified: Wed, 28 Dec 2022 16:09:36 GMT
etag: "63ac6a40-113d7"
expires: Fri, 17 Feb 2023 15:45:37 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?23623cf5f4a21b97670aa94e566ea294
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?23623cf5f4a21b97670aa94e566ea294
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash c0cc12f7e6ef70cc3f6cc1cd4f8654f2
59478169c1276dceee20b817ae2c2d730b787c0e
36a5401c32685c2168e10b00cf0d83e68dfb82103f998c227dc6b91cc8e6b5ea
GET /hm.js?23623cf5f4a21b97670aa94e566ea294 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 18 Jan 2023 16:12:14 GMT
Etag: bad979f12b8282eae4a5bb20b310ff03
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AD63473D60B87455; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ia.51.la/go1?id=21273067&rt=1674058333442&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1674058333442&tt=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252F2k.qfbj2.com%252F&pu=http%253A%252F%252Fwww.234854.net%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21273067&rt=1674058333442&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1674058333442&tt=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252F2k.qfbj2.com%252F&pu=http%253A%252F%252Fwww.234854.net%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21273067&rt=1674058333442&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1674058333442&tt=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E5%25A4%25A7%25E6%25B5%25B7%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252F2k.qfbj2.com%252F&pu=http%253A%252F%252Fwww.234854.net%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 18 Jan 2023 16:12:15 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=2fd5d12d15faef9e605; path=/
HWWAFSESTIME=1674058334948; path=/
ky891.oss-cn-shenzhen.aliyuncs.com/891-960x80.gif
120.77.167.202200 OK 299 kB URL HTTP/1.1 ky891.oss-cn-shenzhen.aliyuncs.com/891-960x80.gif
IP 120.77.167.202:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (298872 bytes)
Hash 563418030c4388ccb5df09d7a956b3aa
bc52680b1b525e7fe8cc17a64903035e00cbc37f
476d03d56758f426d0cd7541718e28ddcffc1a5336cd728f07f82606bed1f4f6
GET /891-960x80.gif HTTP/1.1
Host: ky891.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 18 Jan 2023 16:12:14 GMT
Content-Type: image/gif
Content-Length: 298872
Connection: keep-alive
x-oss-request-id: 63C81A5E511B143235CAA160
Accept-Ranges: bytes
ETag: "563418030C4388CCB5DF09D7A956B3AA"
Last-Modified: Mon, 02 Jan 2023 14:12:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6427100620931530640
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: VjQYAwxDiMy13wnXqVazqg==
x-oss-server-time: 2
lbfm.lbpictupian.com/upload/vod/2020/05-01/12/xmwdrwuq4b31203xmwdrwuq4b32833284.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-01/12/xmwdrwuq4b31203xmwdrwuq4b32833284.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c79fe3fe0d4baff191a87e4650932f4
3cd8aef4f73cbd5577e3c9f507aa41f07b34ba86
11ffc2d0f999e4723fb3c391b1aa6443890561439cce824c3e45c8d95444bea2
GET /upload/vod/2020/05-01/12/xmwdrwuq4b31203xmwdrwuq4b32833284.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:15 GMT
content-type: image/webp
content-length: 9972
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11305
content-disposition: inline; filename="xmwdrwuq4b31203xmwdrwuq4b32833284.webp"
etag: "5eab9f90-2c29"
last-modified: Fri, 01 May 2020 04:03:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78b89c5f1e190b31-OSL
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/js/js1911-200x200.gif
120.77.166.72200 OK 225 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js/js1911-200x200.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 225 kB (225026 bytes)
Hash d0ec0f9c3f6bea10c3932dc6c67e95f3
d90ff84ffd8c75172e3d72f5fbc641e8cba869c6
1237fd778d6bb08a35af656bdcb2cbec947f6a725014ec7775d6509644deab90
GET /js/js1911-200x200.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 18 Jan 2023 16:12:14 GMT
Content-Type: image/gif
Content-Length: 225026
Connection: keep-alive
x-oss-request-id: 63C81A5E2612B03030B6F6D5
Accept-Ranges: bytes
ETag: "D0EC0F9C3F6BEA10C3932DC6C67E95F3"
Last-Modified: Mon, 19 Dec 2022 08:37:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16580088513556850248
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 0OwPnD9r6hDDky3Gxn6V8w==
x-oss-server-time: 1
595tuchuang.com/960x80.gif
183.255.106.42200 OK 145 kB URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 183.255.106.42:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 16:12:13 GMT
Content-Type: image/gif
Content-Length: 144990
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:28:21 GMT
ETag: "63a309f5-2365e"
Expires: Wed, 15 Feb 2023 09:33:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1474490198&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32295&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1474490198&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32295&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1474490198&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.234854.net%2F&v=1.3.0&lv=1&sn=32295&r=0&ww=1140&u=https%3A%2F%2F2k.qfbj2.com%2F&tt=%E5%A4%A7%E6%B5%B7%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 18 Jan 2023 16:12:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B53E822C8E9A1C65; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.55200 OK 300 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.55:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 300 kB (299985 bytes)
Hash 5d7118c19a9bd8ff78641a72cb481144
5cf8f1709330929db0f38141e5e18518a2ddcb12
ebd1f7b5795943f0b6e779047bfd82e03c020056e9ae9f4a4f8b400d3835cd85
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 18 Jan 2023 16:12:14 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63C81A5E22C82A3539DE7065
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 2
gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
118.212.231.84200 OK 400 kB URL HTTP/1.1 gtm-cn-j6730u6sd0b.gtm-a3b8.com/ky960x60.gif
IP 118.212.231.84:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (399450 bytes)
Hash 4e1e4b8f46ac2e67539d5881785ba29a
7d3c9c963087ffc8c196cb7e67629342027a8a45
4c9cc489a2e26500ace73c53ce05bdfa52876a8700b7e9e73c1554187acefb0d
GET /ky960x60.gif HTTP/1.1
Host: gtm-cn-j6730u6sd0b.gtm-a3b8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 29 Dec 2022 12:09:17 GMT
Etag: "4e1e4b8f46ac2e67539d5881785ba29a"
Content-Type: image/gif
Date: Mon, 09 Jan 2023 04:38:46 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 10945751995987991778
x-cos-request-id: NjNiYjlhNTZfYjIxMDcxMDlfMjgzYTdfMjlkMTZjZA==
Content-Length: 399450
Accept-Ranges: bytes
X-NWS-LOG-UUID: 1887458044268648241
Connection: keep-alive
X-Cache-Lookup: Cache Hit
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
120.77.166.72200 OK 394 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 394 kB (394237 bytes)
Hash 03123a07739f511b3306d13415cd72b1
6dbf38767657a15b922e4d153f46fe4829e012cb
72b3fa6461c39eace9c154e56b66b437457ecde50ae7c615cd923e442d058cdd
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 18 Jan 2023 16:12:14 GMT
Content-Type: image/gif
Content-Length: 394237
Connection: keep-alive
x-oss-request-id: 63C81A5E511B143431D6A160
Accept-Ranges: bytes
ETag: "03123A07739F511B3306D13415CD72B1"
Last-Modified: Tue, 20 Dec 2022 14:44:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13376170837400656090
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: AxI6B3OfURszBtE0Fc1ysQ==
x-oss-server-time: 1
img.1151555.com/images/63a1b20f7c2b41a439f0ec4c.gif
38.54.37.233302 Found 0 B URL HTTP/2 img.1151555.com/images/63a1b20f7c2b41a439f0ec4c.gif
IP 38.54.37.233:0
GET /images/63a1b20f7c2b41a439f0ec4c.gif HTTP/1.1
Host: img.1151555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
X-Firefox-Spdy: h2
2k.qfbj2.com/template/web/GG/55.gif
23.224.221.53200 OK 0 B URL HTTP/2 2k.qfbj2.com/template/web/GG/55.gif
IP 23.224.221.53:0
GET /template/web/GG/55.gif HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:12 GMT
content-type: image/gif
content-length: 834244
last-modified: Wed, 11 May 2022 08:28:17 GMT
etag: "627b73a1-cbac4"
expires: Fri, 17 Feb 2023 16:12:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/css/zui.css
23.224.221.53200 OK 0 B URL HTTP/2 2k.qfbj2.com/template/meizhuama/css/zui.css
IP 23.224.221.53:0
GET /template/meizhuama/css/zui.css HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 10:25:31 GMT
vary: Accept-Encoding
etag: W/"637ca39b-1b92c"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/css/ate.css
23.224.221.53200 OK 0 B URL HTTP/2 2k.qfbj2.com/template/meizhuama/css/ate.css
IP 23.224.221.53:0
GET /template/meizhuama/css/ate.css HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: text/css
last-modified: Tue, 13 Sep 2022 05:55:21 GMT
vary: Accept-Encoding
etag: W/"63201b49-13021"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
n0499.com/52398d62c1cf48fa95ec0fa704653940.gif
20.210.214.147200 OK 0 B URL HTTP/2 n0499.com/52398d62c1cf48fa95ec0fa704653940.gif
IP 20.210.214.147:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /52398d62c1cf48fa95ec0fa704653940.gif HTTP/1.1
Host: n0499.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 08 Jan 2023 13:53:34 GMT
etag: W/"63bacade-433f6"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
2k.qfbj2.com/template/meizhuama/css/seyuav-ui.css
23.224.221.53200 OK 0 B URL HTTP/2 2k.qfbj2.com/template/meizhuama/css/seyuav-ui.css
IP 23.224.221.53:0
GET /template/meizhuama/css/seyuav-ui.css HTTP/1.1
Host: 2k.qfbj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 16:12:11 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 14:32:33 GMT
vary: Accept-Encoding
etag: W/"638a0c81-8a77"
expires: Thu, 19 Jan 2023 04:12:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
n0600.com/a06905fba15d4ef59ebcb392ebefd40a.gif
20.210.214.179200 OK 0 B URL HTTP/2 n0600.com/a06905fba15d4ef59ebcb392ebefd40a.gif
IP 20.210.214.179:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /a06905fba15d4ef59ebcb392ebefd40a.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2k.qfbj2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 16:12:13 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Wed, 04 Jan 2023 10:10:45 GMT
etag: W/"63b550a5-54d22"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2